Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
5
CVSSv2
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube up to and including 7.2 allows SQL Injection.
Youphptube Youphptube
1 EDB exploit
7.5
CVSSv2
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
7.5
CVSSv2
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
7.4
CVSSv2
CVE-2013-1617
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
9
CVSSv2
CVE-2017-6088
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or th...
Eyesofnetwork Eyesofnetwork
1 EDB exploit
7.5
CVSSv2
CVE-2017-14738
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
Filerun Filerun
1 EDB exploit
7.5
CVSSv2
CVE-2010-1583
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! prior to 0.6.3, allows remote malicious users to execute arbitrary SQL commands via the username field in a login action.
Taskfreak Taskfreak\\! 0.5.5
Taskfreak Taskfreak\\! 0.5.6
Taskfreak Taskfreak\\! 0.5.3
Taskfreak Taskfreak\\! 0.1.2
Taskfreak Taskfreak\\! 0.1
Taskfreak Taskfreak\\! 0.4.2
Taskfreak Taskfreak\\! 0.5.0
Taskfreak Taskfreak\\! 0.4.1
Taskfreak Taskfreak\\! 0.4.0
Taskfreak Taskfreak\\! 0.6.0
Taskfreak Taskfreak\\! 0.5.4
Taskfreak Taskfreak\\! 0.5.7
Taskfreak Taskfreak\\!
Taskfreak Taskfreak\\! 0.6.1
Taskfreak Taskfreak\\! 0.5.1
Taskfreak Taskfreak\\! 0.5.2
Taskfreak Taskfreak\\! 0.1.4
Taskfreak Taskfreak\\! 0.1.3
Tirzen Tirzen Framework 1.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »